Looking for a solution to the ever-increasing tide of spam pouring into your enterprise? New research from the Yankee Group gives five recommendations to consider before making the investment.
"Spam filtering is 95% effective with less than 0.002 percent false positives," said Yankee Group Analyst Phebe Waterfield. She recommends that organizations invest in a flexible system that permits setting different rules for users and filters by domain, business unit and end-user.
Other suggested qualities include combining antispam or e-mail content filtering with antivirus protection at the perimeter and finding a product with reasonable administrative overhead -- one or two hours a week -- to maintain effective spam signatures and track down false positives.
"Administrators and end-users can expect to spend some time deleting spam, or chasing accidentally blocked e-mails," said Waterfield. "The amount of overhead depends on the quality of the solution."
"Flexible solutions can grow with the enterprise and accommodate changing business needs," said Waterfield's report. "Look for features that allow a balance between the need to block unsolicited commercial e-mail and end users' preferences for receiving commercial e-mail."
Increasing effectiveness is often a trade-off with more false positives. According to the report, using multiple layers -- such as, heuristics, artificial-intelligence-aided pattern recognition, spam fingerprinting and advanced statistics -- can help. Waterfield reminds international enterprises to ensure foreign languages don't adversely affect detection rates.
Implementing technology from different vendors provides a more effective layered defense; look for solutions with multiple antivirus engines or a different antivirus engine than the solution employed at the desktop, according to the report.
Waterfield recommends adding protection for externally accessible e-mail servers by choosing a solution that prevents invalid requests from being processed, allowing e-mail servers to process only legitimate e-mail. SMTP relay users can reconfigure perimeter security devices to only accept e-mail traffic from the service provider.
Small- and medium-sized businesses should use hardware and service-based solutions because software solutions require more administrative overhead, according to the report. Hardware and service-based solutions should combine antispam, antivirus and perimeter security to address multiple business goals in a single package.
"New e-mail security devices offer a solution to unsolicited e-mail almost "off-the-shelf,'" said Waterfield. "The one-time price and ease of installation are attractive to small and medium business with limited IT resources."